pidgin MSN protocol integer overflow in slplink.c
Bug #247140 reported by
Fumihito YOSHIDA
This bug report is a duplicate of:
Bug #245770: [CVE-2008-2927] MSN integer overflow in Pidgin.
Edit
Remove
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Japanese Kaizen Project |
Triaged
|
Medium
|
Unassigned |
Bug Description
see http://
Multiple integer overflows in the msn_slplink_
(1) libpurple/
(2) libpurple/
in Pidgin before 2.4.3 allow remote attackers to execute arbitrary code via a malformed SLP message,
a different vulnerability than CVE-2008-2955(*).
(*) CVE-2008-2955 is unpatched (zero-day).
CVE References
To post a comment you must log in.
Here is the debdiff.